Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
File:                     Ay1SsyOaHOPN00MxNIzngN3xZMA.mft (raw, json)
Hash identifier:          nli8TJSIN8mMU9aaBqC982UpZ0IgZFm30TaONGUec6o=
Subject key identifier:   D6:63:9C:9E:C1:0C:34:5F:C3:88:9F:9F:EC:C1:63:8F:BF:1B:6B:6D
Authority key identifier: 03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0
Certificate issuer:       /CN=032d52b3239a1ce3cdd34331348ce780ddf164c0
Certificate serial:       019D2AE00A906B4BFC305C1FAFF4E4A6E196
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
Manifest number:          0939
Signing time:             Thu 26 Mar 2026 16:00:18 +0000
Manifest this update:     Thu 26 Mar 2026 16:00:18 +0000
Manifest next update:     Fri 27 Mar 2026 16:00:18 +0000
Files and hashes:         1: Ay1SsyOaHOPN00MxNIzngN3xZMA.crl (hash: ZRaFg58jneKK7XTsE/Cs654h3R4LIP1L568BMx4CM1w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:0a:90:6b:4b:fc:30:5c:1f:af:f4:e4:a6:e1:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=032d52b3239a1ce3cdd34331348ce780ddf164c0
        Validity
            Not Before: Mar 26 16:00:18 2026 GMT
            Not After : Mar 27 16:00:18 2026 GMT
        Subject: CN=d6639c9ec10c345fc3889f9fecc1638fbf1b6b6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:7e:64:8a:44:9d:3f:d8:00:6e:44:5f:e6:56:
                    46:2e:c3:91:63:2b:5e:77:b4:5b:03:d3:6b:6c:9a:
                    b5:cb:5a:8c:87:96:8e:a1:2f:55:34:54:d3:e0:cc:
                    5c:8d:1d:9e:41:3e:53:c0:ca:39:8e:01:5e:56:19:
                    c4:cb:62:44:ef:b9:5a:6c:c8:3b:a3:e2:68:5c:a2:
                    23:07:1a:29:13:bf:5f:67:80:1f:0e:ad:8e:11:bb:
                    66:1b:3b:3b:2b:e2:a9:38:46:b1:f1:d7:b4:fb:60:
                    f8:0e:86:4f:81:fe:2d:0d:a8:a3:9d:b8:fa:f2:2e:
                    6a:5d:03:c8:dd:56:86:31:a5:52:91:1b:4c:3c:66:
                    e9:45:17:c8:16:46:19:4e:f3:98:dc:74:9c:5d:0c:
                    22:a9:45:3d:5f:f3:61:9d:fd:c7:e8:5b:42:36:35:
                    03:d5:35:ca:1c:24:89:05:e1:25:10:72:60:b8:e1:
                    e2:e4:cc:39:37:f8:36:3f:45:85:69:15:bc:7f:ba:
                    60:3e:4a:d9:b3:b1:51:8a:25:3e:bb:a3:33:43:c5:
                    56:84:2a:54:71:ce:d6:60:e0:d2:ce:52:ae:93:c6:
                    eb:f0:76:87:06:c2:0c:60:47:03:27:72:40:89:a0:
                    49:4f:52:d6:68:5b:86:6c:d4:0f:18:ee:fe:88:bd:
                    91:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:63:9C:9E:C1:0C:34:5F:C3:88:9F:9F:EC:C1:63:8F:BF:1B:6B:6D
            X509v3 Authority Key Identifier:
                keyid:03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:74:c3:02:0b:1d:49:c3:a5:07:d5:20:ee:c8:bc:0f:d8:c9:
         f0:f4:54:bf:e5:d7:d7:8c:4c:07:c4:63:2b:1c:c2:80:17:8b:
         f3:38:06:5b:42:1e:2b:4f:98:a8:12:fa:f6:16:25:a5:70:2d:
         27:ee:ca:21:d8:6c:00:67:6e:85:a8:59:72:16:dc:9f:3c:1c:
         fc:0e:91:ef:d6:b9:db:1a:00:59:b8:8d:c6:64:f2:b8:ff:ca:
         f4:79:4b:c8:73:1e:37:35:3e:7c:5e:5c:66:6b:d5:46:4e:c6:
         5f:ff:1c:13:6a:60:57:fd:24:57:2f:af:46:ed:f7:29:d8:32:
         ef:f6:6c:7c:ac:a0:92:d2:14:15:61:ca:5a:68:70:31:e8:0d:
         c6:65:56:14:67:0c:76:5d:71:0d:e5:4e:a2:80:6c:39:af:c4:
         88:81:90:53:b7:91:69:88:40:ea:b1:bb:d0:cd:01:5f:6b:c3:
         19:bc:9f:23:07:e8:5b:43:52:9e:08:82:a3:ea:13:59:8b:13:
         29:80:b8:42:52:04:10:9e:f9:93:a3:c8:b8:18:37:96:14:1c:
         37:24:c0:f2:c9:d3:aa:58:51:b0:7e:b8:18:3c:44:c2:19:45:
         96:6e:51:6f:71:05:ea:2c:7e:2b:a8:77:1b:d4:2e:09:c7:b7:
         1f:d8:05:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4AqQa0v8MFwfr/TkpuGWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmQ1MmIzMjM5YTFjZTNjZGQzNDMzMTM0OGNlNzgwZGRm
MTY0YzAwHhcNMjYwMzI2MTYwMDE4WhcNMjYwMzI3MTYwMDE4WjAzMTEwLwYDVQQD
EyhkNjYzOWM5ZWMxMGMzNDVmYzM4ODlmOWZlY2MxNjM4ZmJmMWI2YjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArn5kikSdP9gAbkRf5lZGLsORYyte
d7RbA9NrbJq1y1qMh5aOoS9VNFTT4MxcjR2eQT5TwMo5jgFeVhnEy2JE77labMg7
o+JoXKIjBxopE79fZ4AfDq2OEbtmGzs7K+KpOEax8de0+2D4DoZPgf4tDaijnbj6
8i5qXQPI3VaGMaVSkRtMPGbpRRfIFkYZTvOY3HScXQwiqUU9X/Nhnf3H6FtCNjUD
1TXKHCSJBeElEHJguOHi5Mw5N/g2P0WFaRW8f7pgPkrZs7FRiiU+u6MzQ8VWhCpU
cc7WYODSzlKuk8br8HaHBsIMYEcDJ3JAiaBJT1LWaFuGbNQPGO7+iL2RnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNZjnJ7BDDRfw4ifn+zBY4+/G2ttMB8GA1UdIwQY
MBaAFAMtUrMjmhzjzdNDMTSM54Dd8WTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQt
ZTdhZDczYmJjYzg5LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQtZTdhZDczYmJjYzg5
LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUXTDAgsd
ScOlB9Ug7si8D9jJ8PRUv+XX14xMB8RjKxzCgBeL8zgGW0IeK0+YqBL69hYlpXAt
J+7KIdhsAGduhahZchbcnzwc/A6R79a52xoAWbiNxmTyuP/K9HlLyHMeNzU+fF5c
ZmvVRk7GX/8cE2pgV/0kVy+vRu33Kdgy7/ZsfKygktIUFWHKWmhwMegNxmVWFGcM
dl1xDeVOooBsOa/EiIGQU7eRaYhA6rG70M0BX2vDGbyfIwfoW0NSngiCo+oTWYsT
KYC4QlIEEJ75k6PIuBg3lhQcNyTA8snTqlhRsH64GDxEwhlFlm5Rb3EF6ix+K6h3
G9QuCce3H9gFgQ==
-----END CERTIFICATE-----